Internet
Security

An Overview

As
Internet security threats continue to evolve,
this overview outlines strategies that businesses
can use to help decrease these threats.

The unprecedented connectivity of the Internet age
has led to enormous social and economic benefits, but
has also introduced numerous new challenges. In a fully
connected world, Internet security threats continue
to evolve, keeping ahead of the most advanced defenses.

Background

Network-based security threats have led to widespread
identity theft and financial fraud. Spam, viruses,
and spyware cause significant problems for consumers
and businesses. A security breach may irreparably damage
a company's brand or reputation. In the United States,
Internet security issues threaten to slow the national
adoption of electronic medical records. In the European
Union, consumer confidence regarding Internet security
and data protection is a barrier to the more rapid
expansion of e-commerce across member state borders.

Today’s information attacks are a profitable
business enterprise and are often controlled by organized
crime syndicates. A growing number of sophisticated
cybercrime business models, including the emergence
of criminal enterprises, are built around selling tools
and services for launching network attacks, rather
than simply selling information gained from attacks.

Internet security technology continues to advance,
changing from passive, point product-based to active,
end-to-end approaches to recognition, containment,
and quarantine. In addition, Internet Service Providers
(ISPs) are competing on security and consumer ISPs
offer Internet security as part of their service.

Policy makers around the world are focused on the
state of the information infrastructure. Policy makers
want to ensure that users of networks employ the best
technology and process practices to make networks as
secure as possible. Governments and businesses continually
update their strategies to prevent attacks, and public-private
partnerships have been formed to develop voluntary,
market-based approaches to security.

Raising consumer and industry awareness of the
importance of network security

Educating users about best practices

Using best practices to secure their own systems

Funding long-term research and development

Aggressively enforcing the laws against cyber crime
and prosecuting criminals that use or attempt to
use the network for theft, fraud, extortion, or other
crimes

Increasing cooperation at an international level
with other governments, law enforcement agencies,
and the private sector on the socialization of best
practices and international prosecution of cybercrime

Cisco does not believe that governments should regulate
security. In general, regulation:

Stifles innovation by picking and choosing specific
technology, rather that letting market competition
develop the best and most advanced solutions

Does not advance quickly enough to keep pace with
current industry needs and newly posed threats